Cross Enclave Authentication Service (CEAS)

A new approach is needed for effectively addressing the fundamental security requirement of authentication within a multi-national environment. The Cross Enclave Authentication Service (CEAS) will be secure, based upon the principle of `least privilege', with enforcement through discretionary and mandatory access controls (DAC and MAC). Technically, CEAS will be interoperable with a variety of credential identifiers and directory service mechanisms, and will be based upon an approach that will be acceptable to international partner coalitions. The solution defined within this proposal will allow users, devices and processes to be identified and authenticated in a multi-national mission oriented context based upon security clearance levels, releasability compartments and operational roles. Referentia Systems Incorporated (Referentia) and Sigaba propose to develop this system using the federated authentication architecture combined with the multi-level secure design. These concepts combined will enable US forces and their coalition partners to communicate securely and selectively based upon each user's clearance, role and need to know within the coalition enclave. The security roles assigned to an individual, process or device may be dynamically changed during a mission only by an authorized system administrator.